This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-sugarcrm_12.1-1_i386.tar.gz.sig gpg: Signature made Wed Jun 5 00:30:44 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6aa561cf6875a47f0beffc599300043fb893095d * md5sum 3dc76c8b9eb96d7ea01b27beab0b10cd You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRroaqAAoJEIXCXpWhbrlNT1QIAN/5tdz/B8KlCFOryAJGhdnO sFm3DwpAPd6tsBKNFnAPbE+1s+jFoaOv66bDm461vYuMz6japu67ZOwRDWMzFHr1 voPZDwWbiv4hetNsojQ/83gUiVFNo8smnOE6zD9QKYtBjhRMhaNx/60lZYlzRlXM D7klpD4OY5kDqTWxHL0L9MxVezfW2QobxGx1B2qivWew3XUllizd8zZ6/y+7Q8tB WP/BiV8oWZ8aw3NpV+2mWIBFD/KEt38A9JY8kTkHdsgFEO+Fiisgyr0yE4G3hL05 D2JdMM1ctyK/570yDjlum5pfunDF+9SL4guExqmp+G20GTKVU60lxxP8Ux2RExo= =X6QL -----END PGP SIGNATURE-----